Dynamic Data Masking (DDM)

Definition - What does Dynamic Data Masking (DDM) mean?

Dynamic data masking (DDM) is a strategy for controlling or limiting unauthorized access to data, where data streams from a database or production environment are altered or "masked" as they are requested.

Techopedia explains Dynamic Data Masking (DDM)

In general, dynamic data masking (DDM) is real-time data masking. It is often compared with another method for data masking, called static data masking, which involves setting up a separate shielded database or a "dummy database" including value-less data at load time.

Dynamic data masking provides solutions for the cases where individuals are working close to the production environment, but should not have access to the original data. For example, contractors and staffers may be trying to troubleshoot or update a production database. It is important that they do not have access to sensitive pieces of information such as individual health data, credit card numbers, etc. — with DDM, the information is jumbled or otherwise altered so that these technicians are working with harmless data as they manipulate a database. A number of DDM systems are "policy driven" — that is, they address existing security policies within an enterprise, by delivering more precise results that do not put sensitive data in jeopardy.